Support Center > Search Results > SecureKnowledge Details
Threat Emulation MTA behaves like fail-close upon failure, even if fail-open policy is configured
Symptoms
  • SmartView Tracker / SmartLog shows the following logs from Threat Emulation blade, although "Allow all connections (Fail-open)" is configured (SmartDashboard - 'Threat Prevention' tab - Advanced - Engine Settings):

    File is pending emulation.
    Type = Alert
    Protocol = tcp
    Interface = MTA
    Service = smtp (25)
    Action = Prevent
    Vulnerable Operating Systems = Pending Emulation...
    Description = Threat scan failed
    

    Example:

Solution
Note: To view this solution you need to Sign In .